Correct. You'll need another token seed provisioned to the new device. There are two device binding features with the software token - one happens always and the other is optional. The first - when installed on a device the token can only be accessed on that device. If you try and move that app to another device the token seed is unreadable. The second is explicit device binding i.e. "this can only be installed on Jim's device." Unclear if one or both are in play here but either way the end result would be requesting a new SecurID token. Hope that helps!